VYPR

GORTAC750

by Dlink

CVEs (15)

  • CVE-2022-37055CriKEVAug 28, 2022
    risk 0.80cvss 9.8epss 0.57

    D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main,

  • CVE-2023-34800CriJun 15, 2023
    risk 0.66cvss 9.8epss 0.29

    D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main.

  • CVE-2022-37057CriAug 28, 2022
    risk 0.66cvss 9.8epss 0.25

    D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main.

  • CVE-2022-37056CriAug 28, 2022
    risk 0.65cvss 9.8epss 0.10

    D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main,

  • CVE-2024-27683CriApr 11, 2024
    risk 0.64cvss 9.8epss 0.01

    D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function hnap_main. An attacker can send a POST request to trigger the vulnerablilify.

  • CVE-2024-22853CriFeb 6, 2024
    risk 0.64cvss 9.8epss 0.05

    D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.

  • CVE-2024-22852CriFeb 6, 2024
    risk 0.64cvss 9.8epss 0.01

    D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload.

  • CVE-2024-22916CriJan 16, 2024
    risk 0.64cvss 9.8epss 0.01

    In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700 function within the cgibin is susceptible to stack overflow.

  • CVE-2023-48842CriDec 1, 2023
    risk 0.64cvss 9.8epss 0.04

    D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi.

  • CVE-2023-26822CriApr 1, 2023
    risk 0.64cvss 9.8epss 0.03

    D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main.

  • CVE-2022-36525CriAug 15, 2022
    risk 0.64cvss 9.8epss 0.01

    D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Buffer Overflow via authenticationcgi_main.

  • CVE-2022-36523CriAug 15, 2022
    risk 0.64cvss 9.8epss 0.02

    D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to command injection via /htdocs/upnpinc/gena.php.

  • CVE-2022-36526HigAug 15, 2022
    risk 0.49cvss 7.5epss 0.01

    D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Authentication Bypass via function phpcgi_main in cgibin.

  • CVE-2022-36524HigAug 15, 2022
    risk 0.49cvss 7.5epss 0.01

    D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Static Default Credentials via /etc/init0.d/S80telnetd.sh.

  • CVE-2024-27684MedMar 4, 2024
    risk 0.40cvss 6.1epss 0.01

    A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter.